Treasury Inspector General for Tax Administration
Office of Audit
CONTROLS OVER COSTS AND BUILDING SECURITY RELATED TO OUTSOURCED OFFICE SUPPORT SERVICES NEED TO BE IMPROVED
Issued on August 19, 2011
Highlights of Report Number: 2011-10-086 to the Internal Revenue Service Chief, Agency-Wide Shared Services.
IMPACT ON TAXPAYERS
In November 2006, the Internal Revenue Service (IRS) awarded a contract with a maximum value of approximately $90 million to a private contractor to perform support services functions, including storage and management, throughout IRS facilities. Overall, TIGTA found that the IRS expends time and resources storing items it has not clearly determined to be of future usefulness and has ineffective controls over credentials, such as identification badges, issued to contractor employees. As a result, the IRS may be paying more for its support services needs than is necessary and its facilities may be at risk for unauthorized access.
WHY TIGTA DID THE AUDIT
This audit was initiated to determine whether the IRS managed outsourced support services in a cost-effective manner and minimized unauthorized access to Federal Government assets and sensitive information associated with the program.
WHAT TIGTA FOUND
TIGTA determined that the IRS should take additional steps to ensure support services are managed in a more cost-effective and secure manner. Specifically, the IRS should evaluate whether it is cost effective to continue to move into storage rather than dispose of furniture and equipment that has not been clearly determined to be of future usefulness.
In addition, TIGTA determined that controls should be improved to ensure contractor employees no longer have access to IRS locations after being separated from the contractor. The IRS could not confirm that 116 (94 percent) of the 124 employees separated from the contractor since the initiation of the contract returned their identification badges and building access cards as required. As a result, the security of IRS facilities and Federal Government assets may have been compromised.
WHAT TIGTA RECOMMENDED
TIGTA recommended that the Director, Real Estate and Facilities Management, Agency-Wide Shared Services, review all items currently in storage to identify items for possible disposal; maintain documentation regarding the reason for storage for all future items placed into warehouse storage; establish criteria to guide future decisions regarding whether items should be placed into storage; ensure the IRS retains flexibility to implement potential cost savings identified as a result of inventory reviews or changes to storage policies; and incorporate into existing procedures the required exit procedures regarding separating contractor employees. Also, the Director, Physical Security and Emergency Preparedness, Agency-Wide Shared Services, should reconcile Contractor Security Lifecycle Program records to a quarterly listing of separated employees provided by the support services contractor.
In their response, IRS management agreed to our recommendations. Management stated that they plan to evaluate the need for continued storage of existing property; develop procedures to capture the condition, age, reason for storage, and future use of stored property; continue to routinely monitor for any changes required to the support services contract; and update existing procedures to include the process and procedures to be followed for separating contractor employees. Finally, management stated that contractors are required to report all separated contractor employee information to the Contractor Security Lifecycle Program in accordance with new security clauses. In addition, the IRS plans to have the contractor provide a quarterly list of separated contractor employees to the IRS for review.
READ THE FULL REPORT
To view the report, including the scope, methodology, and full IRS response, go to:
Email Address: TIGTACommunications@tigta.treas.gov
Phone Number: 202-622-6500
Web Site: http://www.tigta.gov